def apiAddMailingList(request):
    Authorizer.authorizeEmployee(request)
    postVars = request.POST
    print(postVars)
    if "name" not in postVars:
        raise exc.HTTPBadRequest()

    try:
        cnx = mysql.connector.connect(user="******", password="******", host="127.0.0.1", database="305")
        cursor = cnx.cursor(dictionary=True)

        query = "INSERT INTO MailingLists(name, createdBy) VALUES(%s, %s)"
        cursor.execute(query, tuple([postVars["name"], Authorizer.getCurrentUser(request)["id"]]))

        if "customers[]" in postVars:
            # postVars.getall('customers[]')
            query = "SELECT LAST_INSERT_ID() as id"
            cursor.execute(query)
            mailingListID = cursor.fetchone()["id"]
            print(mailingListID)
            for customerID in postVars.getall("customers[]"):
                print(customerID)
                query = "SELECT COUNT(*) as count FROM Customers where id = %s"
                cursor.execute(query, tuple([str(customerID)]))
                count = cursor.fetchone()["count"]
                if count != 0:
                    query = "INSERT INTO MailingListsMappings(listID, customerID) VALUES (%s, %s)"
                    cursor.execute(query, tuple([mailingListID, customerID]))
                else:
                    raise exc.HTTPBadRequest()

        cursor.close()
        cnx.commit()
        cnx.close()
    except mysql.connector.Error as err:
        return Response("Something went wrong: {}".format(err), status=500)

    raise exc.HTTPOk()
Exemple #2
0
def itemSuggestions(request):
    Authorizer.authorizeCustomer(request)

    session = request.session
    customerID = None
    if(Authorizer.getCurrentUserType(request) == 0):
        customerID = Authorizer.getCurrentUser(request)['id']
    else:
        if('customerID' in request.GET):
            customerID = request.GET['customerID']
        else:
            raise exc.HTTPBadRequest()

    query = """
        SELECT * FROM Items WHERE type IN (
            SELECT type FROM Items WHERE id IN (
                SELECT itemID FROM Searches WHERE customerID = %s
                )
            )
        AND Items.name NOT IN (
            SELECT name FROM Items WHERE id IN (
                SELECT itemID FROM Auctions WHERE id IN (
                    SELECT auctionID FROM Bids WHERE customerID = %s
                    )
                )
            )
        LIMIT 5
        """

    suggestedItems = []
    try:
        cnx = mysql.connector.connect(user='******', password='******', host='127.0.0.1', database='305')
        cursor = cnx.cursor(dictionary=True)

        cursor.execute(query, tuple([str(customerID), str(customerID)]))

        for row in cursor:
            item = {}
            for key in row:
                if(isinstance(row[key], datetime)):
                    item[key] = row[key].isoformat()
                elif(isinstance(row[key], Decimal)):
                    item[key] = str(row[key])
                else:
                    item[key] = row[key]
            suggestedItems.append(item)

        for item in suggestedItems:
            query = ("SELECT url FROM ItemsImages WHERE itemID = %s")
            cursor.execute(query, tuple([str(item['id'])]))
            urls = []
            for row in cursor:
                urls.append(row['url'])
            item['images'] = urls

        cursor.close()
        cnx.close()
    except mysql.connector.Error as err:
        return Response("Something went wrong: {}".format(err), status=500)

    return suggestedItems